Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-06-14 08:49:00 |
Codecov to retire the Bash script responsible for supply chain attack wave (lien direct) |
A new uploader, shipped as a NodeJS executable, has been introduced in its place. |
|
|
|
|
2021-06-11 13:00:03 |
Lax security around URL shortener exposed PII of US retailer Carter\'s customer base (lien direct) |
Hundreds of thousands of customers may have been impacted. |
|
|
|
|
2021-06-11 08:30:01 |
Card Broken: 1000 arrests made in Chinese crackdown on fraud, cryptocurrency laundering (lien direct) |
Criminals involved in telecom scams allegedly funneled their profits through cryptocurrency platforms. |
|
|
|
|
2021-06-11 07:48:15 |
Feds strike Slilpp, a marketplace for flogging initial access credentials (lien direct) |
The marketplace was one of the largest sellers of stolen login information. |
|
|
|
|
2021-06-10 13:00:03 |
This new hacking group has a nasty surprise for African, Middle East diplomats (lien direct) |
The newly-discovered APT pulls no punches when it comes to cyberespionage. |
|
|
|
|
2021-06-10 10:13:00 |
Amazon data usage to feature in new UK antitrust probe: report (lien direct) |
Reports suggest a formal investigation into potential merchant favoritism is planned. |
|
|
|
|
2021-06-09 09:19:00 |
Apple pays millions of dollars to student after repair staff leak her explicit photos online (lien direct) |
Sensitive photos were accessed and leaked by workers repairing her iPhone. |
|
|
|
|
2021-06-09 08:34:19 |
PuzzleMaker attacks exploit Windows zero-day, Chrome vulnerabilities (lien direct) |
Two of the zero-days used were patched by Microsoft on Tuesday. |
|
|
|
|
2021-06-08 12:00:02 |
A deep dive into Nefilim, a ransomware group with an eye for $1bn+ revenue companies (lien direct) |
The group is one of many that employ two separate methods to blackmail victims. |
Ransomware
|
|
|
|
2021-06-07 16:00:03 |
Facebook ramps up privacy efforts with end-to-end encrypted audio, video calling trials in Secret Conversations (lien direct) |
The tech giant says that improving Secret Conversations will be the focus of the research. |
|
|
|
|
2021-06-07 10:00:00 |
Siloscape: this new malware targets Windows containers to access Kubernetes clusters (lien direct) |
Researchers say this is the first malware strain they know of that specifically targets Windows containers. |
Malware
|
Uber
|
|
|
2021-06-07 07:38:57 |
The cost of ransomware attacks worldwide will go beyond $265 billion in the next decade (lien direct) |
Ransomware has been likened to a hydra -- cut off one head, and more appear in its place. |
Ransomware
|
|
|
|
2021-06-03 12:00:00 |
Necro Python bot revamped with new VMWare, server exploits (lien direct) |
The latest version of the bot has also been equipped with a cryptocurrency miner. |
|
|
|
|
2021-06-03 10:00:00 |
Chinese cybercriminals spent three years creating a new backdoor to spy on governments (lien direct) |
The new tool has been used in ongoing cyberespionage activities. |
Tool
|
|
|
|
2021-06-03 09:12:31 |
A new surprise feature for Norton 360 antivirus users: you can mine for cryptocurrency (lien direct) |
The vendor says that bringing mining in-house has security benefits. |
|
|
|
|
2021-06-03 08:21:27 |
WhatsApp backtracks on app limitations if you refuse new privacy terms (lien direct) |
App functionality will not be restricted if you refuse. |
|
|
|
|
2021-06-02 13:00:00 |
This is how attackers bypass Microsoft\'s AMSI anti-malware scanning protection (lien direct) |
Researchers outline common tactics for circumventing the security software. |
|
|
|
|
2021-06-02 12:00:06 |
XSS vulnerability found in popular WYSIWYG website editor (lien direct) |
The security flaw was found in how HTML sanitizing is performed. |
Vulnerability
|
|
|
|
2021-06-02 10:05:53 |
Russian underground forums launch competitions for cryptocurrency, NFT hacks (lien direct) |
Prizes are on offer for everything from stealing wallet funds to compromising NFTs. |
|
|
|
|
2021-06-02 10:00:03 |
US schools land IBM grants to protect themselves against ransomware (lien direct) |
The grants are worth a total of $3 million. |
Ransomware
|
|
|
|
2021-06-01 10:43:00 |
Asian cybercrime takedown leads to intercept of $83 million in financial theft (lien direct) |
Police intercepted funds that were on their way to the accounts of financial fraudsters. |
|
|
|
|
2021-06-01 09:53:44 |
SEC charges US promoters for marketing alleged BitConnect cryptocurrency Ponzi scheme (lien direct) |
Promoters of a suspected, high-profile exit scam are now in the hot seat. |
|
|
|
|
2021-05-28 09:42:00 |
Researchers find four new malware tools created to exploit Pulse Secure VPN appliances (lien direct) |
There are now at least 16 malware families designed to compromise Pulse Secure VPN products. |
Malware
|
|
|
|
2021-05-27 10:00:00 |
Fake human rights organization, UN branding used to target Uyghurs in ongoing cyberattacks (lien direct) |
The ethnic group is being targeted in spy campaigns under the guise of the United Nations. |
|
|
|
|
2021-05-26 10:52:40 |
Bluetooth bugs open the door for attackers to impersonate devices (lien direct) |
Devices supporting the Bluetooth Core and Mesh specifications are impacted. |
|
|
|
|
2021-05-26 09:37:00 |
Russian national jailed for running stolen data, hijacked account seller platform deer.io (lien direct) |
Kirill Victorovich Firsov was arrested by the FBI last year. |
|
|
|
|
2021-05-25 14:00:03 |
Not as complex as we thought: Cyberattacks on operational technology are on the rise (lien direct) |
Common techniques are setting a low bar for attacks on control processes. Sometimes, attackers have no idea what the system is used for. |
|
|
|
|
2021-05-25 11:00:00 |
Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys it instead (lien direct) |
The relatively new threat group has been connected to attacks against Israeli targets. |
Threat
|
|
|
|
2021-05-25 10:00:03 |
Russian dark web marketplace Hydra cryptocurrency transactions reached $1.37bn in 2020 (lien direct) |
The market is used to trade everything from drugs to stolen data. |
|
|
|
|
2021-05-25 09:07:31 |
Encrochat drug dealer betrayed by his love of cheese (lien direct) |
Police were able to arrest him by using a shared photo of Stilton as a starting point. |
|
|
|
|
2021-05-24 09:36:50 |
FBI identifies 16 Conti ransomware attacks striking US healthcare, first responders (lien direct) |
One of Conti's latest victims is Ireland's health service. |
Ransomware
|
|
|
|
2021-05-24 08:22:42 |
FBI intelligence analyst indicted for theft of cybersecurity, counterterrorism documents (lien direct) |
The former agent held top-level clearance privileges. |
|
|
|
|
2021-05-21 10:28:19 |
Irish court issues injunction against Conti hackers to stop health service data exposure, sale (lien direct) |
The group has warned that the data will be leaked or sold if a $20 million ransom demand is not met. |
|
|
|
|
2021-05-21 09:16:56 |
US insurance giant CNA Financial paid $40 million ransom to regain control of systems: report (lien direct) |
CNA Financial reportedly paid up a few weeks after the attack in March. |
|
|
|
|
2021-05-20 13:00:00 |
Fraudsters employ Amazon \'vishing\' attacks in fake order scams (lien direct) |
Case studies highlight how scam artists are using voice messages to dupe their victims into handing over credentials or cash. |
Studies
|
|
|
|
2021-05-20 11:12:21 |
Android apps exposed data of millions of users through cloud authentication failures (lien direct) |
Malicious apps are not the only security problem on our handsets: misconfiguration can also put us at risk. |
|
|
|
|
2021-05-20 11:04:06 |
Colonial Pipeline CEO: Paying DarkSide ransom was the \'right thing to do for the country\' (lien direct) |
The chief executive has confirmed the payment of a $4.4 million ransom. |
|
|
|
|
2021-05-19 11:06:52 |
Bizarro banking Trojan surges across Europe (lien direct) |
Operators have so far targeted customers of at least 70 banks across Europe and South America. |
|
|
|
|
2021-05-19 10:20:22 |
Amazon extends ban on police using Rekognition facial recognition technology, no end in sight (lien direct) |
The existing moratorium will continue as Congress has not tackled concerns raised by the use of the technology in criminal cases. |
|
|
|
|
2021-05-19 10:00:03 |
Cybercriminals scanned for vulnerable Microsoft Exchange servers within five minutes of news going public (lien direct) |
Research suggests the cheap hire of cloud services has allowed cyberattackers to quickly pick out targets. |
|
|
|
|
2021-05-19 09:00:03 |
This is how the Cobalt Strike penetration testing tool is being abused by cybercriminals (lien direct) |
Cobalt Strike is a popular tool with cybersecurity professionals. Unfortunately, it's also utilized by threat actors. |
Threat
Tool
|
|
|
|
2021-05-18 16:48:02 |
Antivirus software, explained (lien direct) |
Antivirus software isn't enough to protect our devices and accounts any longer, but it still provides a key layer of defense. |
|
|
|
|
2021-05-18 08:00:15 |
FBI receives record level of complaints for online scams, investment fraud (lien direct) |
Victims are set to lose the most when they fall for romance scams and business email compromise. |
|
|
|
|
2021-05-18 06:55:00 |
Android stalkerware detection rates surged over 2020 (lien direct) |
Not only are the apps potentially unethical, but vendors also aren't interested in fixing core security issues found within them. |
|
|
|
|
2021-05-14 11:45:00 |
Toshiba unit struck by DarkSide ransomware group (lien direct) |
Following Colonial Pipeline, a DarkSide affiliate has claimed another victim. |
Ransomware
|
|
|
|
2021-05-14 10:10:24 |
Cloudflare wants to kill the CAPTCHA (lien direct) |
Security keys could not only bolster authentication but may also remove one of the most annoying aspects of the internet. |
|
|
|
|
2021-05-14 08:42:46 |
(Déjà vu) Rapid7 source code, alert data accessed in Codecov supply chain attack (lien direct) |
The breached source code subset was used for internal tooling. |
|
|
|
|
2021-05-13 19:00:04 |
HelpSystems expands email, cloud security portfolio with acquisition of Agari, Beyond Security (lien direct) |
The vendor is targeting areas ripe for growth in the cybersecurity field. |
|
|
|
|
2021-05-13 14:47:00 |
Colonial Pipeline paid close to $5 million in ransomware blackmail payment (lien direct) |
The payment was reportedly made soon after the attack began. It wasn't enough to stop the disruption. |
Ransomware
|
|
★★★★★
|
|
2021-05-13 09:35:47 |
Fake Android, iOS apps promise lucrative investments while stealing your money (lien direct) |
Hundreds of malicious cryptocurrency, stock, and banking apps have been discovered by researchers. |
|
|
|